Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

redhat логотип

CVE-2017-7493

Опубликовано: 16 мая 2017
Источник: redhat
CVSS3: 7.1
CVSS2: 6.5

Описание

Quick Emulator (Qemu) built with the VirtFS, host directory sharing via Plan 9 File System(9pfs) support, is vulnerable to an improper access control issue. It could occur while accessing virtfs metadata files in mapped-file security mode. A guest user could use this flaw to escalate their privileges inside guest.

Затронутые пакеты

ПлатформаПакетСостояниеРекомендацияРелиз
Red Hat Enterprise Linux 5kvmNot affected
Red Hat Enterprise Linux 5xenNot affected
Red Hat Enterprise Linux 6qemu-kvmNot affected
Red Hat Enterprise Linux 7qemu-kvmNot affected
Red Hat Enterprise Linux 7qemu-kvm-rhevNot affected
Red Hat Enterprise Linux OpenStack Platform 5 (Icehouse)qemu-kvm-rhevNot affected
Red Hat Enterprise Linux OpenStack Platform 6 (Juno)qemu-kvm-rhevNot affected
Red Hat Enterprise Linux OpenStack Platform 7 (Kilo)qemu-kvm-rhevNot affected
Red Hat OpenStack Platform 10 (Newton)qemu-kvm-rhevNot affected
Red Hat OpenStack Platform 11 (Ocata)qemu-kvm-rhevNot affected

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Moderate
Дефект:
CWE-284
https://bugzilla.redhat.com/show_bug.cgi?id=1451709Qemu: 9pfs: guest privilege escalation in virtfs mapped-file mode

7.1 High

CVSS3

6.5 Medium

CVSS2

Связанные уязвимости

ubuntu логотип

CVE-2017-7493

CVSS3: 7.8
ubuntu
около 8 лет назад

Quick Emulator (Qemu) built with the VirtFS, host directory sharing via Plan 9 File System(9pfs) support, is vulnerable to an improper access control issue. It could occur while accessing virtfs metadata files in mapped-file security mode. A guest user could use this flaw to escalate their privileges inside guest.

nvd логотип

CVE-2017-7493

CVSS3: 7.8
nvd
около 8 лет назад

Quick Emulator (Qemu) built with the VirtFS, host directory sharing via Plan 9 File System(9pfs) support, is vulnerable to an improper access control issue. It could occur while accessing virtfs metadata files in mapped-file security mode. A guest user could use this flaw to escalate their privileges inside guest.

debian логотип

CVE-2017-7493

CVSS3: 7.8
debian
около 8 лет назад

Quick Emulator (Qemu) built with the VirtFS, host directory sharing vi ...

github логотип

GHSA-w8mx-2pfw-8h8q

CVSS3: 7.8
github
около 3 лет назад

Quick Emulator (Qemu) built with the VirtFS, host directory sharing via Plan 9 File System(9pfs) support, is vulnerable to an improper access control issue. It could occur while accessing virtfs metadata files in mapped-file security mode. A guest user could use this flaw to escalate their privileges inside guest.

suse-cvrf логотип

openSUSE-SU-2017:1872-1

suse-cvrf
почти 8 лет назад

Security update for qemu

7.1 High

CVSS3

6.5 Medium

CVSS2